From afe0e9dd9f9eb4b2b006c56e23fb3da514582d54 Mon Sep 17 00:00:00 2001 From: iddoeldor Date: Wed, 22 Dec 2021 18:50:30 +0200 Subject: [PATCH] =?UTF-8?q?refactor=20SSL=20=F0=9F=94=91=20=20log?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 78e3b99..bd3b2d5 100644 --- a/README.md +++ b/README.md @@ -136,29 +136,27 @@ Java method hook generator using keyboard shortcut #### Fetch SSL keys ```js -var keylog_callback = new NativeCallback(function(ssl, line) { +var keylog_callback = new NativeCallback((ssl, line) => { send(Memory.readCString(line)); }, 'void', ['pointer', 'pointer']); if (ObjC.available) { - var CALLBACK_OFFSET = 0x2A8; + var CALLBACK_OFFSET = 0x2A8 if (Memory.readDouble(Module.findExportByName('CoreFoundation', 'kCFCoreFoundationVersionNumber')) >= 1751.108) { - CALLBACK_OFFSET = 0x2B8; + CALLBACK_OFFSET = 0x2B8 } Interceptor.attach(Module.findExportByName('libboringssl.dylib', 'SSL_CTX_set_info_callback'), { - onEnter: function (args) { - ptr(args[0]).add(CALLBACK_OFFSET).writePointer(keylog_callback); + onEnter(args) { + ptr(args[0]).add(CALLBACK_OFFSET).writePointer(keylog_callback) } - }); - + }) } else if (Java.available) { - var set_keylog_callback = new NativeFunction(Module.findExportByName(Module.findBaseAddress('libssl.so'), 'SSL_CTX_set_keylog_callback'), 'void', ['pointer', 'pointer']); - + var set_keylog_callback = new NativeFunction(Module.findExportByName('libssl.so', 'SSL_CTX_set_keylog_callback'), 'void', ['pointer', 'pointer']); Interceptor.attach(Module.findExportByName(libSSL, 'SSL_CTX_new'), { - onLeave: function(retval) { - set_keylog_callback(retval, keylog_callback); + onLeave(retval) { + set_keylog_callback(retval, keylog_callback) } - }); + }) } ```